Title: VARIOUS TYPES OF AUDIT IN THE BANK
1VARIOUS TYPES OF AUDIT IN THE BANK
- BY
- BALJEET KUMAR SHARMA
- Asstt Gen Manager
- SBLC, DEHRADUN
2AUDIT FUNCTION
- CREDIT AUDIT CODUCTED BY INSPECTION MANAGEMENT
AUDIT DEPARTMENT, CORPORATE CENTRE, HYDERABAD - INFORMATION SYSTEMS (IS) AUDIT CONDUCTED BY
INSPECTION AUDIT DEPARTMENT, CORPORATE CENTRE,
HYDERABAD - STATUTORY AUDIT CONDUCTED BY OUTSIDE CHARTERED
ACCOUNTANTS EMPANELLED BY RBI - CIRCLE AUDIT CONDUCTED BY CIRCLE AUDIT
DEPARTMENT - CONCURRENT AUDIT CONCURRENT AUDITORS ARE POSTED
IN GROUP-I AND OTHER SELEXCT BRANCHES - INCOME AUDIT WILL BE ORDERED BY CGM AT SELECT
BRANCHES AT THE INSTANCE OF CORPORATE CENTRE - AUDIT UNDER SECTION 35 CONDUCTED BY RBI
INSPECTORS UNDER SECTION 35 OF BANKING REGULATION
ACT - FEMA AUDIT CONDUCTED BY RBI AS PER SECTION 12 OF
FEMA ACT - GOVERNMENT AUDIT
- MANAGEMENT AUDIT
- RFIA RISK FOCUSED INTERNAL AUDIT, CONDUCTED BY
INSPECTION MANAGEMENT AUDIT DEPARTMENT,
CORPORATE CENTRE, HYDERABAD
3GENESIS OF RISK FOCUSED INTERNAL AUDIT
- RBI in its monetary policy Statement for the year
2001-02 announced the move towards Risk Based
Supervision (RBS) of Banks - In the light of changing trends in the
international banking scenario due to
globalization, RBI introduced RBS in the banks - Risk Based Internal audit is a part of RBS
4NEED TO MOVE TO RFIA
- Deregulation and liberalization of Indian
Financial sector - New financial markets and products, Higher Risk
- Internal control system, Internal audit function
conforming to BASEL norms - New BASEL CAPITAL ACCORD
- Providing necessary checks and balances
5WHAT IS INTERNAL AUDIT?
- Internal audit must review and report upon the
control environment as a whole - It is the process by which Risks are identified,
analyzed and managed - Reports on the reliability and integrity of
corporate management function, and - Comments on compliance with rules and regulations
6WHEN WAS RFIA INTRODUCED IN SBI?
- As part of introduction of RBS, State Bank of
India introduced Risk Focused Internal Audit
(RFIA) of all branches w.e.f. 01.04.2003 based on
the recommendations of the Management Audit Group
headed by Shri S N Sawaikar, Dy.MD (Retd) (Also
called Sawaikar Committee)
7SALIENT FEATURES OF RFIA
- Shift from the system of full scale transaction
testing to risk identification, prioritization of
audit areas and allocation of audit resources
based on risk management - Risk identification (Grouping of branches)
- Rigour/Frequency of Audit based on Risk profile
emerging - Functionally independent in all areas of Audit
- The SIGH portion of erstwhile inspection report
format has also been modified in tune with
parameters contained in Audit Report Formats with
new code numbers and has been renamed SDRM
(Serious Deviations in Risk Management systems) - Concept of Management Letter, generation of Heat
Maps and submission of special reports
8BRANCH CATEGORISATION UNDER RFIA
- As per initial audit plan, branches have been
categorized into three groups based on perception
of inherent risks assessed on banks products,
services, volume of business, complexity of
business and contribution to banks income. Group
I (High Risk), Group II (Medium Risk) and Group
III (Low Risk). Review of grouping has been done
with effect from 01.04.2006 after completion of
one audit cycle and on the basis of feedback
received.
9THE MAJOR CHANGES INITIATED IN RFIAw.e.f.
01.04.2006
- Regrouping of branches
- Business Parameters de-linked from Risk
assessment. Coe parameters in Set I and Set II
have been replaced by Risk and Business
Parameters - Three rating system introduced
- Separate ARFs for various types of branches and
BPR entities - Separate ARFs for Bank Master and CBS branches
designed - I.S.Audit formats in tune with IT / IS security
policies developed - Focused audit queries added in customer service,
fraud prevention, control environment, branch
management, marketing efforts, etc. - Rating / scoring pattern changed
- Rationalization the integration of credit audit
score for credit risk management with cc audit
report - Provision for capturing trend of risk over
previous two audits (To assess whether increasing
/ stable / decreasing)
10Significance of regrouping of branches now
- Grouping of branches is a dynamic concept and
based on the actual risk experience, the branches
in the group would need to be reviewed at
periodical intervals. - Our Operational Risk Management (ORM)
Consultants, M/s. Deloitte Touche, suggested
that the number of Group I branches should be
brought down. And we need to update the grouping
on recent business data because the business data
used by Sawaikar committee was as on 31.03.2001
11THE NUMBER OF BRANCHES CATEGORISED UNDER GROUP I
AND THE REVISED NORMS FOR CATEGORIZATION
- As per the revised norms given below, 314
branches were categorized under Group I having
share of 32 of deposits, 57 of advances, 52 of
Interest Income, 52 of Other Income and 89 of
Forex Income. (Based on figures as on 31.03.2005) - All DGM Above Incumbency Branches
- All CAG, MCG SAMG Branches
- All Branches with Non Food Advances exceeding
Rs.100 Crore - Branches with aggregate Non Food and Non-CI
advances of Rs.50 Crore and above - Branches with Other Income of Rs.10 Crore and
above (and not included in items above)
12REVISED RISK RATING SYSTEM
- SCORE RANGE
- 85 above
- Between 70 lt85
- Between 50 lt 70
- Less than 50
- GRADE
- WELL CONTROLLED
- ADEQUATELY CONTROLLED
- NEEDS IMPROVEMENT
- UN-SATISFACTORY
13REVISED GENERAL EFFICIENCY RATING SYSTEM w.e.f.
01.10.2008
- RATING SCORE RANGE RISK RATING
SCORE -
(MINIMUM) - A PLUS
W C 850 - A
A C -700 - B PLUS
N I 500 - B
U S - ..
14REVISED PERIODICITY OF RFIA WITH EFFECT FROM
01.04.2006
RISK TAKING GROUP I (within) GROUP II (within) GROUP III (within)
Well controlled 18 months 21 months 21 months
Adequately controlled 15 months 18 months 18 months
Needs improvement 12 months 12 months 12 months
Unsatisfactory 6 to 8 months 6 to 8 months 6 to 8 months
Newly opened branches 12 months 12 months 12 months
15(No Transcript)
16(No Transcript)